Dr.Buck


  1. (And by the way, it's still just as slow at startup, I just ran a test to see ^^)
  2. Here is the report in question... ComboFix 09-07-19.02 - Simon 19/07/2009 23:08.1.4 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.3326.2912 [GMT 2:00] Running from: c:\documents and settings\Administrateur\Bureau\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Administrateur\Application Data\bcrypt.html c:\documents and settings\Administrateur\Application Data\wiaserva.log c:\documents and settings\Administrateur\Application Data\wiaservg.log c:\documents and settings\All Users\Application Data\91655456.ini C:\objigl.exe c:\recycler\S-1-5-21-1460867276-7665013202-045428668-6375 c:\recycler\S-1-5-21-3214638215-1496659101-022166237-8850 c:\recycler\S-1-5-21-3214638215-1496659101-022166237-8850\Desktop.ini c:\recycler\S-1-5-21-3214638215-1496659101-022166237-8850\sysdate.exe c:\recycler\S-1-5-21-3920187939-0544061040-633157823-6926 c:\recycler\S-1-5-21-6147786279-6865458050-586454884-7745 c:\recycler\S-1-5-21-6623632130-5475223393-963976202-8629 c:\windows\Installer\5cf70.msi c:\windows\Installer\853804.msi c:\windows\Installer\c0a59.msi c:\windows\system32\ATIODCLI.exe c:\windows\system32\ATIODE.exe c:\windows\system32\drivers\acpi32.sys c:\windows\system32\drivers\ws2_32sik.sys . ((((((((((((((((((((((((( Files Created from 2009-06-19 to 2009-07-19 ))))))))))))))))))))))))))))))) . 2009-07-19 20:41 . 2009-07-19 20:41 -------- d-----w- c:\program files\Screamer Radio 2009-07-19 16:38 . 2009-07-19 16:38 -------- d-----w- C:\rsit 2009-07-17 20:16 . 2009-07-17 20:16 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Pixmantec 2009-07-17 20:15 . 2009-07-17 20:15 -------- d-----w- c:\program files\Pixmantec 2009-07-17 19:49 . 
2009-07-17 19:49 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Nikon 2009-07-17 19:49 . 2009-07-17 19:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Bundle 2009-07-17 19:49 . 2009-07-17 19:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Channel 2009-07-17 19:48 . 2009-07-17 19:48 49152 ----a-r- c:\documents and settings\Administrateur\Application Data\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe 2009-07-17 19:48 . 2009-07-17 19:48 57344 ----a-r- c:\documents and settings\Administrateur\Application Data\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe 2009-07-17 19:47 . 2009-07-17 20:05 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Nikon 2009-07-17 19:47 . 2009-07-17 20:05 -------- d-----w- c:\program files\Fichiers communs\Nikon 2009-07-17 19:47 . 2009-07-17 19:47 -------- d-----w- c:\program files\Nikon 2009-07-17 19:47 . 2009-07-17 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Ultima_T15 2009-07-17 19:47 . 2009-07-17 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\EnterNHelp 2009-07-16 18:43 . 2009-07-16 18:43 -------- d-----w- c:\windows\nview 2009-07-16 18:43 . 2009-03-27 22:03 453152 ----a-w- c:\windows\system32\nvuninst.exe 2009-07-16 18:43 . 2009-03-27 22:03 453152 ----a-w- c:\windows\system32\nvudisp.exe 2009-07-16 18:37 . 2009-07-16 18:37 -------- d-----w- c:\windows\system32\wbem\Repository 2009-07-13 23:52 . 2009-07-13 23:52 -------- d-----w- C:\_OTM 2009-07-12 22:05 . 2009-07-13 11:48 -------- d-----w- C:\ToolBar SD 2009-07-12 22:03 . 2009-07-12 22:03 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\G DATA 2009-07-12 20:12 . 2009-07-12 20:12 -------- d-----w- C:\b3c49daccb2868a11828fef3 2009-07-12 18:15 . 
2008-12-11 06:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2009-07-12 18:15 . 2009-04-03 09:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2009-07-12 18:15 . 2008-12-18 10:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2009-07-12 18:14 . 2009-07-12 18:15 -------- d-----w- c:\program files\Fichiers communs\PC Tools 2009-07-12 18:14 . 2008-12-10 09:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2009-07-12 18:14 . 2009-07-12 20:11 -------- d-----w- c:\program files\Spyware Doctor 2009-07-12 18:14 . 2009-07-12 18:14 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools 2009-07-12 18:14 . 2009-07-12 18:14 -------- d-----w- c:\documents and settings\Administrateur\Application Data\PC Tools 2009-07-12 15:28 . 2009-07-12 15:28 68552 ----a-w- c:\windows\system32\drivers\GRD.sys 2009-07-12 14:42 . 2009-07-12 14:42 32328 ----a-w- c:\windows\system32\drivers\HookCentre.sys 2009-07-12 11:28 . 2009-07-12 11:28 -------- d-----w- c:\documents and settings\All Users\Application Data\SITEguard 2009-07-12 11:27 . 2009-07-12 14:23 -------- d-----w- c:\documents and settings\All Users\Application Data\STOPzilla! 2009-07-12 11:27 . 2009-07-12 11:27 -------- d-----w- c:\program files\Fichiers communs\iS3 2009-07-12 11:10 . 2009-07-13 15:35 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing 2009-07-12 10:45 . 2009-07-12 10:45 50632 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys 2009-07-12 10:44 . 2009-07-12 10:44 22272 ----a-w- c:\windows\system32\drivers\GDNdisIc.sys 2009-07-12 10:44 . 2009-07-12 10:44 51016 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys 2009-07-12 10:44 . 2009-07-12 10:44 -------- d-sh--w- C:\#GDATA.Trash.Store# 2009-07-12 10:43 . 2009-07-12 14:50 -------- d-----w- c:\documents and settings\All Users\Application Data\G DATA 2009-07-12 10:43 . 2009-07-12 14:40 -------- d-----w- c:\program files\Fichiers communs\G DATA 2009-07-12 10:43 . 
2009-07-12 10:43 -------- d-----w- c:\program files\G Data 2009-07-12 10:40 . 2009-07-12 10:40 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Downloaded Installations 2009-07-12 07:28 . 2009-07-12 07:28 -------- d-s---w- c:\windows\system32\config\systemprofile\UserData 2009-07-12 07:09 . 2009-07-12 20:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-07-12 06:54 . 2009-07-12 17:35 -------- d-----w- c:\documents and settings\All Users\Application Data\11645464 2009-07-12 06:54 . 2009-07-12 17:35 -------- d-----w- c:\documents and settings\All Users\Application Data\91655456 2009-07-09 18:38 . 2009-07-09 18:38 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Ahead 2009-07-03 22:09 . 2009-07-03 22:09 -------- d-----w- c:\documents and settings\Administrateur\Application Data\iZotope 2009-07-03 22:03 . 2009-07-03 22:03 -------- d-----w- c:\program files\Fichiers communs\iZotope 2009-07-03 22:02 . 2009-07-03 22:09 -------- d-----w- c:\program files\iZotope 2009-07-03 22:02 . 2009-07-03 22:02 -------- d-----w- c:\program files\Steinberg 2009-07-03 22:02 . 2009-07-03 22:02 -------- d-----w- c:\program files\Wizoo 2009-07-02 15:51 . 2009-07-02 15:51 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Braid 2009-07-02 15:51 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2009-07-02 15:50 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll 2009-07-02 15:50 . 2009-07-02 15:50 -------- d-----w- c:\program files\Braid 2009-06-24 11:06 . 2009-06-24 11:06 -------- d-----w- c:\program files\iPod 2009-06-24 11:06 . 2009-06-24 11:06 -------- d-----w- c:\program files\iTunes 2009-06-24 11:06 . 2009-06-24 11:06 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-06-24 11:04 . 
2009-06-24 11:04 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe 2009-06-23 03:06 . 2009-06-23 03:06 -------- d-----w- c:\program files\M-Audio 2009-06-23 03:06 . 2007-01-25 09:12 22528 ----a-w- c:\windows\system32\deltasio.dll 2009-06-23 03:06 . 2007-01-25 09:12 302336 ----a-w- c:\windows\system32\drivers\delta.sys 2009-06-23 03:06 . 2007-01-25 09:11 1122304 ----a-w- c:\windows\system32\deltapnl.exe 2009-06-23 03:06 . 2007-01-25 09:11 46592 ----a-w- c:\windows\system32\deltapnl.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-19 21:17 . 2009-02-20 12:09 16608 ----a-w- c:\windows\gdrv.sys 2009-07-17 21:08 . 2009-02-20 16:58 -------- d-----w- c:\documents and settings\Administrateur\Application Data\FileZilla 2009-07-17 20:18 . 2009-07-17 19:47 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLbx.DAT 2009-07-17 19:49 . 2009-07-17 19:49 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLck.DAT 2009-07-16 21:03 . 2009-02-22 13:34 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Canon 2009-07-16 20:24 . 2009-03-04 22:45 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Digidesign 2009-07-16 18:48 . 2009-07-16 18:48 -------- d-----w- c:\program files\My Company Name 2009-07-12 10:41 . 2009-03-30 00:27 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-07-12 10:41 . 2009-03-30 00:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-07-12 07:20 . 2004-08-05 12:00 212480 ----a-w- c:\windows\system32\drivers\ndis.sys 2009-07-11 22:58 . 2009-02-20 19:10 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Azureus 2009-07-04 09:57 . 2009-03-07 01:44 -------- d-----w- c:\program files\FileZilla FTP Client 2009-06-25 15:33 . 
2009-03-06 21:57 -------- d-----w- c:\documents and settings\Administrateur\Application Data\dvdcss 2009-06-24 11:06 . 2009-02-22 19:59 -------- d-----w- c:\program files\Fichiers communs\Apple 2009-06-24 11:06 . 2009-02-22 19:59 -------- d-----w- c:\program files\QuickTime 2009-06-24 11:03 . 2009-02-22 20:01 -------- d-----w- c:\program files\Bonjour 2009-06-23 03:06 . 2009-02-20 12:10 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-16 14:54 . 2004-08-05 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll 2009-06-16 14:54 . 2004-08-05 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-06-08 21:21 . 2009-02-20 14:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-06-08 10:30 . 2009-06-07 23:36 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverCure 2009-06-07 23:36 . 2009-06-07 23:36 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DriverCure 2009-06-07 23:36 . 2009-06-07 23:36 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic 2009-06-07 16:06 . 2009-06-07 16:06 10134 ----a-r- c:\documents and settings\Administrateur\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe 2009-06-07 16:06 . 2009-06-07 16:06 -------- d-----w- c:\program files\Microsoft WSE 2009-06-07 15:53 . 2009-06-07 15:53 -------- d-----w- c:\program files\Electronic Arts 2009-06-04 21:43 . 2009-04-03 15:25 -------- d-----w- c:\program files\Microsoft Office Outlook Connector 2009-06-03 19:27 . 2004-08-05 12:00 1296896 ----a-w- c:\windows\system32\quartz.dll 2009-05-24 09:56 . 2004-08-05 12:00 96082 ----a-w- c:\windows\system32\perfc00C.dat 2009-05-24 09:56 . 2004-08-05 12:00 517524 ----a-w- c:\windows\system32\perfh00C.dat 2009-05-08 22:55 . 2009-03-17 01:28 256 ----a-w- c:\windows\system32\pool.bin 2009-05-07 15:43 . 
2004-08-05 12:00 347136 ----a-w- c:\windows\system32\localspl.dll 2009-05-01 17:15 . 2009-05-01 17:15 368640 ----a-w- c:\windows\system32\ReWire.dll 2009-05-01 17:15 . 2009-05-01 17:15 233472 ----a-w- c:\windows\system32\REX Shared Library.dll 2009-05-01 16:47 . 2009-05-01 16:47 721904 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-04-29 04:52 . 2004-08-05 12:00 663552 ----a-w- c:\windows\system32\wininet.dll 2009-04-29 04:52 . 2004-08-05 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-07-17 21:07 . 2009-02-20 13:32 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll . ------- Sigcheck ------- [-] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ndis.sys [-] 2009-07-12 07:20 212480 4E8B4F9E5CD6EB7042F726D1DEAD2DB7 c:\windows\system32\dllcache\ndis.sys [-] 2009-07-12 07:20 212480 4E8B4F9E5CD6EB7042F726D1DEAD2DB7 c:\windows\system32\drivers\ndis.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "M-Audio Taskbar Icon"="c:\windows\System32\M-AudioTaskBarIcon.exe" [2007-01-25 154112] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "wave5"=Digi32.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R0 DigiFilter;DigiFilter;c:\windows\system32\drivers\DigiFilt.sys [05/03/2009 00:15 20480] R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [20/02/2009 14:10 80392] R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [14/04/2006 11:07 28933976] S2 gupdate1c9c2aa84b2da54;Service Google Update (gupdate1c9c2aa84b2da54);c:\program files\Google\Update\GoogleUpdate.exe [21/04/2009 19:56 133104] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 
22:22 34064] S4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe --> c:\program files\AskBarDis\bar\bin\AskService.exe [?] S4 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe --> c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [?] . Contents of the 'Scheduled Tasks' folder 2009-06-24 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2009-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-21 17:56] 2009-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-21 17:56] 2009-07-19 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-04-22 20:18] . - - - - ORPHANS REMOVED - - - - WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\AskBarDis\bar\bin\askBar.dll . ------- Supplementary Scan ------- . uStart Page = hxxp://safe.google.com IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\9fmh89yx.default\ FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program 
files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - 
pref("privacy.clearOnShutdown.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - 
pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-19 23:19 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... c:\docume~1\ADMINI~1\LOCALS~1\Temp\RGI4.tmp 7136 bytes scan completed successfully hidden files: 1 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1032) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(5424) c:\progra~1\WINDOW~2\wmpband.dll c:\program files\iTunes\iTunesMiniPlayer.dll c:\program files\iTunes\iTunesMiniPlayer.Resources\fr.lproj\iTunesMiniPlayerLocalized.dll c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . 
c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\windows\system32\scardsvr.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Digidesign\Drivers\MMERefresh.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\rundll32.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe c:\program files\Internet Explorer\IEXPLORE.EXE c:\windows\system32\wbem\wmiapsrv.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Completion time: 2009-07-19 23:23 - machine was rebooted ComboFix-quarantined-files.txt 2009-07-19 21:23 Pre-Run: 435 302 854 656 octets libres Post-Run: 435 932 196 864 octets libres 296 --- E O F --- 2009-07-16 18:43
  3. The second one! info.txt logfile of random's system information tool 1.06 2009-07-19 18:38:56 ======Uninstall list====== -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNNMP.exe /UNINSTALL -->MsiExec.exe /I{48A669A9-76FA-4CA8-BFD5-00C125AC4166} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A} Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe Dreamweaver CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\ad19d2ae8332572b119cf35fd0a30d8\Setup.exe Adobe Dreamweaver CS3-->MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B} Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2} Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3} Adobe Fireworks CS3-->C:\Program Files\Fichiers 
communs\Adobe\Installers\ba9815ac58164aa9fea0bd903e9fe83\Setup.exe Adobe Fireworks CS3-->MsiExec.exe /I{21C4D775-368A-46C4-8DC3-4207165B7115} Adobe Flash CS3 Professional-->C:\Program Files\Fichiers communs\Adobe\Installers\b2b4b1546e74314f8131ded43e4bd9d\Setup.exe Adobe Flash CS3-->MsiExec.exe /I{80FD3971-8482-49C8-BA8C-B6464A15882F} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C} Adobe Flash Video Encoder-->MsiExec.exe /I{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E} Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop 7.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll" Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D} Adobe Reader 9.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} Adobe Setup-->MsiExec.exe /I{82503EA7-7E08-4AA8-90E9-BE4D0A6D453F} Adobe Setup-->MsiExec.exe /I{D2E18162-47FB-4216-8AB3-F420C1AF75A4} Adobe Setup-->MsiExec.exe /I{F73A5E2B-FC9D-4E80-82CB-B7B167C5DED7} Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} AFPL Ghostscript 
8.53-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.53\uninstal.txt" AFPL Ghostscript Fonts-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\fonts\uninstal.txt" Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 ATI Catalyst Registration-->MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E} ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7} AVIVO Codecs-->MsiExec.exe /X{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6} BlackBerry Desktop Software 4.7-->MsiExec.exe /I{9833D727-8FF5-40AE-A193-525747555FF1} BlackBerry Desktop Software 4.7-->MsiExec.exe /i{9833D727-8FF5-40AE-A193-525747555FF1} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Browser Configuration Utility-->"C:\Program Files\InstallShield Installation Information\{E8AEA11B-E60A-455E-B008-E4E763604612}\setup.exe" -runfromtemp -l0x0009 -removeonly BSPlayer-->"C:\Program Files\Webteh\BSplayer\uninstall.exe" Capture NX 2-->C:\Program Files\Nikon\Capture NX 2\uninstall.exe Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C} Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} CodeStuff Starter-->"C:\Program Files\CodeStuff\Starter\unStarter.exe" Correctif pour Lecteur 
Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Dekart SIM Manager 2.3-->RunDll32 advpack.dll,LaunchINFSection C:\PROGRA~1\Dekart\SIMMAN~1\meditor.inf, DefaultUninstall Delta-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A4810699-E859-43A6-8F40-1743873E72AB}\setup.exe" -l0x9 -removeonly Digidesign Pro Tools® LE 6.7-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2855E177-C18C-4834-AC0A-01D8E015D167}\Setup.exe" -l0x9 FromMaintenance Digidesign Pro Tools® M-Powered 6.8-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D0B3321-6B33-415D-AE8A-A9E1177ECF4D}\Setup.exe" -l0x9 FromUninstall Digidesign Shared Plug-Ins-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DBCD674C-1751-4548-9005-980F03083187}\Setup.exe" -l0x9 FromUninstall Energy Saver Advance B8.0905.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7ED169D4-5053-4166-93DF-53B12AE6C539}\setup.exe" -l0x9 -removeonly Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62} FileZilla Client 3.2.4.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe Gestionnaire de contacts professionnels pour Outlook 2007-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove 
{69ca8988-1c6c-4285-b8af-db780a6e42af} Gestionnaire de contacts professionnels pour Outlook 2007-->MsiExec.exe /X{69ca8988-1c6c-4285-b8af-db780a6e42af} Gigabyte Raid Configurer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\SETUP.EXE" -l0x40c -removeonly Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 2.0 (KB922981)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {A1D5A6B2-B620-41F9-B435-10A4FF3C18A2} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe" Hotfix pour Microsoft .NET Framework 2.0 (KB923319)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {3C87D1CF-1592-4BFA-9B3E-380580EFAF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Interlok driver setup x32-->MsiExec.exe /X{25613C10-27D2-410B-942B-D922D5C3A7BE} iTunes-->MsiExec.exe /I{5D601655-6D54-4384-B52C-17EC5385FBBD} Java 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Les Sims™ 3-->"C:\Program Files\InstallShield Installation 
Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x040c -removeonly Live 7.0.3-->C:\PROGRA~1\ableton\LIVE70~1.3\Install\UNWISE.EXE C:\PROGRA~1\ableton\LIVE70~1.3\Install\INSTALL.LOG Live Delta-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ableton\Live Delta\Uninst.isu" Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F} Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D} Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6} Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB} Macromedia Flash Player 8-->MsiExec.exe /X{885A63EA-382B-4DD4-A755-14809B8557D6} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A4040C-6000-11D3-8CFE-0150048383C9} Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe 
/X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D} Microsoft Office Ultimate 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ULTIMATER /dll OSETUP.DLL Microsoft Office Ultimate 2007-->MsiExec.exe /X{91120000-002E-0000-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{480DBB60-F0B6-45F2-B26F-1A2E11197791} Microsoft SQL Server 2005-->"c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove Microsoft SQL Server Native Client-->MsiExec.exe /I{90283F22-0731-43B6-81FD-E6DD911A31FB} Microsoft SQL Server VSS Writer-->MsiExec.exe /I{C74B273E-DF20-4955-899B-15205119894C} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} Mise à jour critique pour Lecteur Windows Media 11 
(KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mozilla Firefox (3.5.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5} Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID="" Nikon Message 
Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71} NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PACE System Files-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28F58CDE-6241-4B11-8232-6A5D4FB06E8B}\Setup.exe" -l0x9 FromUninstall PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} PDFill PDF Tools (FREE)-->MsiExec.exe /I{D12EBB4E-CF21-496D-979F-89D9DE58C5B8} PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" Picture Control Utility-->MsiExec.exe /X{87441A59-5E64-4096-A170-14EFE67200C3} QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} RawShooter essentials 2006-->C:\PROGRA~1\PIXMAN~1\RAWSHO~1.0\UNWISE.EXE C:\PROGRA~1\PIXMAN~1\RAWSHO~1.0\INSTALL.LOG REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -l0x040c -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x40c -removeonly Reason 4.0-->"C:\Program Files\Propellerhead\Reason\Uninstall Reason\unins000.exe" Roxio Media Manager-->MsiExec.exe /X{AC93F461-132C-4A10-983D-7DAFE2917D67} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} SimEdit-->C:\Program Files\InstallShield Installation Information\{2BC913A5-4C55-4677-B3B9-F13665CC16C3}\setup.exe -runfromtemp -l0x040c -removeonly Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" USB97C223/224 Software-->MsiExec.exe /I{CFA9C1EE-8D76-477E-9E26-D24C26F11F47} VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe Vuze Toolbar-->"C:\Program 
Files\AskBarDis\unins000.exe" Vuze-->C:\Program Files\Vuze\uninstall.exe WebmailSync 1.18-->"C:\Program Files\WebmailSync\unins000.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7} World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2} ======Hosts File====== 127.0.0.1 localhost ======System event log====== Computer Name: P-9C80FC3874BF4 Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 5 Source Name: EventLog Time Written: 20090714145059.000000+120 Event Type: Informations User: Computer Name: P-9C80FC3874BF4 Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Multiprocessor Free. 
Record Number: 4 Source Name: EventLog Time Written: 20090714145059.000000+120 Event Type: Informations User: Computer Name: P-9C80FC3874BF4 Event Code: 268 Message: Record Number: 3 Source Name: PCTCore Time Written: 20090714143236.000000+120 Event Type: Informations User: Computer Name: P-9C80FC3874BF4 Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 2 Source Name: EventLog Time Written: 20090714143236.000000+120 Event Type: Informations User: Computer Name: P-9C80FC3874BF4 Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Multiprocessor Free. Record Number: 1 Source Name: EventLog Time Written: 20090714143236.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: P-9C80FC3874BF4 Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 10601 Source Name: SecurityCenter Time Written: 20090708143131.000000+120 Event Type: Informations User: Computer Name: P-9C80FC3874BF4 Event Code: 1007 Message: Le CLUF a déjà été refusé. Record Number: 10600 Source Name: WgaSetup Time Written: 20090708143130.000000+120 Event Type: Informations User: Computer Name: P-9C80FC3874BF4 Event Code: 1003 Message: Échec de l'installation. code = 0x800704c7, erreur = L'opération a été annulée par l'utilisateur. Record Number: 10599 Source Name: WgaSetup Time Written: 20090708143130.000000+120 Event Type: Informations User: Computer Name: P-9C80FC3874BF4 Event Code: 1005 Message: L'utilisateur a refusé le CLUF. Record Number: 10598 Source Name: WgaSetup Time Written: 20090708143130.000000+120 Event Type: Informations User: Computer Name: P-9C80FC3874BF4 Event Code: 9688 Message: Le gestionnaire Service Broker a démarré. 
Record Number: 10597 Source Name: MSSQL$MSSMLBIZ Time Written: 20090708143103.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;C:\Program Files\Fichiers communs\Roxio Shared\9.0\DLLShared\;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=170a "NUMBER_OF_PROCESSORS"=4 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------
  4. First report!
     Logfile of random's system information tool 1.06 (written by random/random)
     Run by Simon at 2009-07-19 18:38:51
     Microsoft Windows XP Professionnel Service Pack 2
     System drive C: has 415 GB (68%) free of 610 GB
     Total RAM: 3326 MB (83% free)
     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 18:38:55, on 19/07/2009
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
     Boot mode: Normal
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\Ati2evxx.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\system32\Ati2evxx.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     C:\Program Files\Bonjour\mDNSResponder.exe
     C:\Program Files\Digidesign\Drivers\MMERefresh.exe
     C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
     C:\Program Files\Java\jre6\bin\jqs.exe
     C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
     C:\WINDOWS\system32\nvsvc32.exe
     C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
     C:\Program Files\iTunes\iTunesHelper.exe
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\WINDOWS\system32\ctfmon.exe
     C:\WINDOWS\system32\wuauclt.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\wbem\wmiapsrv.exe
     C:\Program Files\iPod\bin\iPodService.exe
     C:\WINDOWS\system32\wscntfy.exe
     C:\Program Files\Windows Live\Messenger\msnmsgr.exe
     C:\Program Files\Windows Live\Contacts\wlcomm.exe
     C:\WINDOWS\explorer.exe
     C:\Program Files\Mozilla Firefox\firefox.exe
     C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
     C:\Documents and Settings\Administrateur\Bureau\Simon.exe
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://safe.google.com
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
     O1 - Hosts: 24.173.86.145 www.safe.google.com
     O1 - Hosts: 24.173.86.145 safe.google.com
     O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
     O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
     O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
     O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
     O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
     O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
     O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
     O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
     O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
     O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
     O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
     O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
     O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
     O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
     O23 - Service: Service Google Update (gupdate1c9c2aa84b2da54) (gupdate1c9c2aa84b2da54) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
     O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
     O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
     O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
     O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
     O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
     O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
     O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
     O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
     -- End of file - 6832 bytes
     ======Scheduled tasks folder======
     C:\WINDOWS\tasks\AppleSoftwareUpdate.job
     C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
     C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
     C:\WINDOWS\tasks\WGASetup.job
     ======Registry dump======
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
     Programme d'aide de l'Assistant de connexion Windows Live - C:\Progra [2009-07-12 61]
     [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
     "M-Audio Taskbar Icon"=C:\WINDOWS\System32\M-AudioTaskBarIcon.exe [2007-01-25 154112]
     "QuickTime Task"=C:\Progra [2009-07-12 61]
     "iTunesHelper"=C:\Progra [2009-07-12 61]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-28 13684736] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-28 86016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA [2009-07-12 61] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" 
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48f346ad-5cc7-11de-8e0f-001fd08fc99e}] shell\AutoRun\command - E:\storage\sys.exe shell\opEN\command - E:\storage\sys.exe ======File associations====== .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 months====== 2009-07-19 18:38:51 ----D---- C:\rsit 2009-07-19 17:47:47 ----A---- C:\Rapport-FS.txt 2009-07-17 22:16:21 ----D---- C:\Documents and Settings\Administrateur\Application Data\Pixmantec 2009-07-17 22:15:31 ----D---- C:\Program Files\Pixmantec 2009-07-17 21:49:22 ----D---- C:\Documents and Settings\All Users\Application Data\Bundle 2009-07-17 21:49:20 ----D---- C:\Documents and Settings\All Users\Application Data\Channel 2009-07-17 21:47:57 ----D---- C:\Program Files\Fichiers communs\Nikon 2009-07-17 21:47:57 
  5. Hmm... that doesn't change much. And a small side question: I use CodeStuff Starter, and in the list of things that open at startup there is something called zqosys32.exe that refuses to close, even though I never installed anything and the PC has always worked very well without this software! I unchecked it, but it is impossible to delete...
  6. The report: FoxScan Version 1.1.1
  7. No change... it's still interminable
  8. Screen problem solved! I had to buy a new graphics card and reconfigure the whole mess, and well, that's it, I can use the PC. Can we get back to the matter at hand, that is, the HijackThis report, because it is still just as slooooow to start up, and I still have this problem of the internet only starting after 5 minutes... The (new) HijackThis report:
  9. Just to be precise, the graphics card is an ATI Radeon HD 2400 Pro 256 MB
  10. ......... Well, after many unsuccessful attempts (I don't even know whether it changed anything!), is there a decent graphics card you could recommend to me for around 100 euros or so?
  11. So, sorry for the wait. First of all, I tried different cables and the different ports on my graphics card; it changes absolutely nothing. Next, even during boot, there is a kind of slow flickering (that is, every 3/4 seconds the screen goes black for half a second and comes back); at first it didn't do that, but now it does it from time to time. As for the hardware, I need to find the boxes, I'll tell you later; I only know that my motherboard is a Gigabyte with DDR3 slots and it has something like "ultra durable" written on it (are we allowed to laugh here?), and my graphics card is a GeForce 2400X, something like that...
  12. So then, in order: I have 2 connectors on my graphics card (white cable and blue cable, analog and digital, is that right? anyway) I
  13. So then, in order: I have 2 connectors on my graphics card (white cable and blue cable, analog and digital, is that right? anyway); I tried both, same problem. When I tested the other scr
  14. Thank you for such responsiveness, it's quite fantastic... In any case, I hope to find the solution!
  15. No, no, I figured that Spy Doctor isn't harmful. As for overheating, I checked the temperature, it was at 40°, nothing alarming it seems to me... On the other hand, I may have accidentally removed a program with Spyware Doctor, well, I don't know...